# This file is part of BlackArch Linux ( https://www.blackarch.org/ ).
# See COPYING for license details.

pkgname=cuckoo
_pkgname=Cuckoo
pkgver=2.0.7
pkgrel=10
pkgdesc='Automated malware analysis system.'
arch=('x86_64' 'aarch64')
groups=('blackarch' 'blackarch-malware')
url='http://cuckoosandbox.org/'
license=('custom:unknown')
backup=('opt/cuckoo/conf/auxiliary.conf'
        'opt/cuckoo/conf/cuckoo.conf'
        'opt/cuckoo/conf/esx.conf'
        'opt/cuckoo/conf/kvm.conf'
        'opt/cuckoo/conf/memory.conf'
        'opt/cuckoo/conf/processing.conf'
        'opt/cuckoo/conf/reporting.conf'
        'opt/cuckoo/conf/virtualbox.conf'
        'opt/cuckoo/conf/vmware.conf')
depends=('python2' 'python2-sqlalchemy' 'python2-dpkt' 'python2-jinja'
         'python2-magic' 'python2-pydeep' 'libvirt' 'python2-bottle'
         'python2-pefile' 'python2-pymongo' 'tcpdump' 'yara' 'python2-yara'
         'python2-alembic' 'python2-beautifulsoup4' 'python2-cffi'
         'python2-chardet' 'python2-django' 'python2-ecdsa' 'python2-enum34'
         'python2-flask' 'python2-httpreplay' 'python2-idna' 'python2-ipaddress'
         'python2-itsdangerous' 'python2-mako' 'python2-markupsafe'
         'python2-ndg-httpsclient' 'python2-pyasn1' 'python2-pycparser'
         'python2-pyopenssl' 'python2-dateutil' 'python2-requests' 'python2-six'
         'python2-werkzeug' 'python2-tlslite-ng' 'python2-wakeonlan'
         'python2-sflock' 'python2-scapy' 'python2-wol' 'python2-egghatch'
         'python2-peepdf' 'python2-gevent' 'python2-flask-sqlalchemy')
makedepends=('python2-pip')
source=("https://files.pythonhosted.org/packages/source/${_pkgname::1}/$_pkgname/$_pkgname-$pkgver.tar.gz"
        'https://raw.githubusercontent.com/BlackArch/tcpdump_net_raw/master/tcpdump_net_raw.c'
        'setup.py.patch')
sha512sums=('3712d33052469927afe326383a73f61639749560a048e85ce38b0a7cc0f6fc89977c169ac4c69f8b04635a8ef30deca53e9c5eb760c82de29411dfae90fc3809'
            'e53f97162d5fda4ca29c444209be04fe4c447b33c8ccb375a310217d8baf15043d2bf70e87607ca90de5f273066e2a94ad27cf863dfb8635d5714c9afd455133'
            'b25e7160a6018c4647225c2c9cb8f817a8bf4f0d3a184bf4a9af40a6e284a6e97dab0b7a89eff80b81bc320bbaac0a8ca1239d442df6d1e7a6bfb83f056830f1')
install="$pkgname.install"

prepare() {
  cd "$_pkgname-$pkgver"

  find "$srcdir" -type f -name '*.py' -exec \
    sed -i 's|#!/usr/bin/env python|#!/usr/bin/env python2|' {} \;

  sed -i 's|^version_check =.*|version_check = off|' \
    cuckoo/private/cwd/conf/cuckoo.conf

  sed -i 's|^tcpdump =.*|tcpdump = /opt/cuckoo/cuckoo_tcpdump|' \
    cuckoo/private/cwd/conf/auxiliary.conf

  sed -i 's|^platform =.*|platform = linux|' \
    cuckoo/private/cwd/conf/{kvm.conf,virtualbox.conf,vmware.conf,esx.conf}

  patch -p0 < "$srcdir/setup.py.patch"
  #sed -i 's|scapy==2.3.2|scapy|' setup.py
}

build() {
  make tcpdump_net_raw

  cd "$_pkgname-$pkgver"

  python2 setup.py build
}

package() {
  cd "$_pkgname-$pkgver"

  install -dm 755 "$pkgdir/usr/bin"
  install -dm 755 "$pkgdir/opt/$pkgname"

  python2 setup.py install --root="$pkgdir" --prefix=/usr -O1 --skip-build

  #PIP_CONFIG_FILE=/dev/null pip2 install --isolated --root="$pkgdir" \
  #  --ignore-installed --no-deps ./

  install -m 754 "$srcdir/tcpdump_net_raw" "$pkgdir/opt/$pkgname/cuckoo_tcpdump"

  rm -rf build
  cp --no-preserve=ownership -a * "$pkgdir/opt/$pkgname/"

  chmod u+rwX,g+rwX,o+rX -R "$pkgdir/opt"

  cat > "$pkgdir/usr/bin/$pkgname" << EOF
#!/bin/sh

if ! id | grep -q '(cuckoo)' && ! [ \$EUID -eq 0 ] ; then
  echo "ERROR: Add yourself to the cuckoo group to use cuckoo as an unprivledged user."
  exit 1
fi

cd /opt/cuckoo
exec python2 $pkgname/main.py "\$@"
EOF

  chmod +x "$pkgdir/usr/bin/$pkgname"
}

